Hi all, I'm trying to host a Wicket Application in an Azure cloud environment. A third party with Azure knowledge (which I lack atm) put up a proxy for us that enforces 2factor authentication. If the user is allowed in, the traffic is send to our application.
That way we don't have to spend too much time internet-hardening* our application, while still being able to run it in the cloud. However, it seems Wicket (/Jetty?) is redirecting to browser to absolute urls, and these are not reachable from the browser. For example, our app runs at somemagicurl222343.cloud.net, and is available at proxy url: client-proxy.cloud.net. Redirects are given to somemagicurl222343.cloud.net, which is not directly reachable. What would be the 'proper' solution? I think the proxy might rewrite redirects (not sure how), but maybe relative redirects would solve the issue as well? *we stick to OWASP etc. as much as possible, but it is sensitive data so we try to be on the safer side by keeping the application behind a fence.
